Sr. Information System Security Engineer (ISSE)

System, Security, Engineer, Computer, Systems, CISSP, IT, Linux, Windows, Risk Management
Full Time
Work from home available

Job Description

Please review the job details below.

Maxar is seeking a Senior Information System Security Engineer to join our team that supports customer mission and operations. Our team is developing and maintaining a near real time analytic streaming platform that operates on the AWS platform. In this role, you will support improving the security architecture of the system that enables compliant rapid secure development, deployment, and operation of this unique system. You will participate as a core member of the systems engineering staff and will apply security engineering best practices to all stages of the development and deployment of the systems lifecycle. At Maxar, we are passionate about putting mission first and delivering quality capabilities, and we believe the security is a first-class member of that team.

Responsibilities:
  • Design system security architectureby working with the team to analyze the existing architecture, allocatesecurity functions to components, and being able to communicate the security mechanisms applied to the components.
  • Define system security requirements and capture system security concept of operations (CONOPS) for system.
  • Perform continuous monitoring activities and respond to operational requirements according to organizationally defined requirements and regulatory mandates.
  • Conduct InfoSec and Cybersecurity assessment testing and reporting in accordance with the RMF and NIST 800 53.
  • Provide support for security assessments.
  • Identify deficiencies and derive and capture solutions to remediate findings in Plan of Actions and Milestones (POA&M) roadmap.
  • Develop procedures and solutions to ensure compliance with configuration management (CM) for security relevant IS software, hardware, and firmware.
  • Capture technical details and solutions for required security-related documentation.
  • Maintain records for system resources (e.g. on-prem or cloud) throughout the information system's life cycle.
  • Participate in internal/external security audits/inspections; performs risk assessments and Continuous Monitoring.
  • Ensure proper protection and / or corrective measures have been taken when an incident or vulnerability has been discovered.
  • Other security related duties as assigned.


Minimum Requirements:
  • Must be a U.S. citizen and be willing and able to obtain a TS/SCI security clearance.
  • Bachelor's degree in Computer Science or related technical field. 4 years of additional experience may be substituted in lieu of a degree.
  • CompTIA Advanced Security Practitioner (CASP+) or ISC2 Certified Information Systems Security Professional (CISSP) (or Associate) certified.
  • 8+ years of industry experience as an ISSE or Cybersecurity Engineer.
  • 5+ years of progressive growth in skills and responsibilities in leading the incorporation of SSE requirements, designs, solutions, processes and practices across diverse and multiplatform IT (Linux, Windows) and system architectures (e.g. on-prem, cloud, hybrid).
  • 3+ years of hands-on experience with using InfoSec security tools such as Tenable Nessus, Nmap, Fortify WebInspect, and AppDetective.
  • 3+ years in deriving and capturing system architectures.
  • 3+ years in responding and addressing system vulnerabilities as necessary.


Preferred Qualifications:
  • Current/active TS/SCI clearance.
  • Advanced knowledge in system/IT operations.
  • Advanced analytical skills: Able to leverage prior experience and knowledge to derive processes and practices.
  • Advanced knowledge of the Risk Management Framework (RMF), NIST, ICD, and CNSS standards.
  • Must be able to adapt technical solutions as security requirements evolve.
  • Intermediate script building skills.
  • Good written and verbal communication skills.
  • Ability to plan technical security goals for increments and capture user stories to meet these goals.
  • Experience with a cyber security risk management application (e.g XACTA 360, CSAM, eMass, etc.)
  • Willing and able to rapidly come up to speed on new technologies.
  • Experience in software development.
  • Familiarity with JSON.
  • Experience with containerization technologies.
  • Experience with DevOps (Ansible, CloudFormation, Terraform etc.).
  • Security hardening scripting/automation experience.
  • Linux certification (RHCSA or RHCA).


#cjpost

Maxar Technologies values diversity in the workplace and is an equal opportunity/affirmative action employer. All qualified applicants will receive consideration for employment without regard to sex, gender identity, sexual orientation, race, color, religion, national origin, disability, protected veteran status, age, or any other characteristic protected by law.
Dice Id : 91094828
Position Id : R12141
Originally Posted : 3 months ago
Have a Job? Post it

Similar Positions

Information Security Systems Engineer
  • Leidos
  • Chantilly, VA, USA
Information Security Systems Engineer
  • Leidos
  • Springfield, VA, USA